---
title: Cryptcat
course: intro_pentest
section: "Maintaining Access with Backdoors and Rootkits"
layout: lesson
---

Although Netcat provides some amazing qualities, the program does have a few
shortcomings. First off, it’s important to understand that all traffic passed
between a Netcat client and server is sent in clear text. This means that
anyone viewing traffic or sniffing the connection will be able to view and
monitor all the information sent between the machines. Cryptcat was introduced
to address this issue. Cryptcat uses Twofish encryption to keep the traffic
between the client and the server confidential.

The beauty of Cryptcat is that you don’t need to learn any new commands. If you
have already mastered Netcat, then you have already mastered Cryptcat; but with
Cryptcat you have the added benefit of transporting your data using an encrypted
tunnel. Anyone viewing or analyzing your network traffic won’t be able to see
your information.

One important point about Cryptcat: you should always change the default key. If
you fail to change the default key, anyone will have the ability to decrypt your
session. The default key is `metallica`, and it can be changed using the `-k`
switch.

To set up an encrypted tunnel between two machines using Cryptcat, you can issue
the following commands:

1. Start the server:
   ```
   cryptcat -l -p 5757
   ```
2. Start the client:
   ```
   cryptcat 192.168.1.10 5757
   ```

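Now you have an encrypted tunnel set up between two machines. As written,
neither command passes `-k`, so the session is protected only by the default
key; pass the same non-default key with `-k` on both the server and the client.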
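
The default-key warning above can be turned into a check: the script below is an added example (not part of the original lesson or of Cryptcat itself) that reads command lines, such as shell history entries, and prints every `cryptcat` invocation that omits `-k` or sets it to `metallica`. The function names, the sample lines, and the sample key `Xq7pL2vR9` are constructed for illustration, and only the `-k KEY` and `-kKEY` spellings are assumed.

```shell
# Added example: flag cryptcat invocations that still rely on the default key.
DEFAULT_KEY="metallica"   # default key as stated in this lesson

# Print "default-key" if -k is absent or equals the default, else "custom-key".
# Assumption: only the "-k KEY" and "-kKEY" spellings are recognised.
cryptcat_key_status() {
    key=""
    while [ "$#" -gt 0 ]; do
        case "$1" in
            -k)  if [ "$#" -ge 2 ]; then key="$2"; shift; fi ;;
            -k*) key="${1#-k}" ;;
        esac
        shift
    done
    if [ -z "$key" ] || [ "$key" = "$DEFAULT_KEY" ]; then
        echo "default-key"
    else
        echo "custom-key"
    fi
}

# Read command lines on stdin; print the cryptcat ones that use the default key.
# Assumption: arguments are separated by plain whitespace (no shell quoting).
audit_cryptcat() {
    while IFS= read -r line; do
        set -f; set -- $line; set +f     # split into words without globbing
        if [ "$#" -gt 0 ] && [ "${1##*/}" = "cryptcat" ]; then
            shift
            if [ "$(cryptcat_key_status "$@")" = "default-key" ]; then
                printf '%s\n' "$line"
            fi
        fi
    done
}

# Constructed sample input (not captured from a real system).
sample_lines() {
    cat <<'EOF'
cryptcat -l -p 5757
cryptcat 192.168.1.10 5757
/usr/bin/cryptcat -k metallica -l -p 5757
cryptcat -k Xq7pL2vR9 -l -p 5757
cryptcat -kXq7pL2vR9 192.168.1.10 5757
nc -l -p 5757
EOF
}

sample_lines | audit_cryptcat
```

The first three sample lines are reported, including both commands from the steps above; the two lines with a custom key and the plain `nc` line are not.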
